DETAILED ACTION

1. Claims 1-30 have been examined.

Allowable Subject Matter 

2. Claims 7, 8, and 15 are objected to as being dependent upon a rejected base claim, but 
would be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent 

4. Claim 1 is rejected under 35 U.S.C. 102(a) as being anticipated by Adams U.S. Pat. No. 
6718470 (hereinafter Adams). 

5. As per claim 1, Adams discloses a method for authenticating a principal, comprising: 
receiving an access request from a first principal for access to a second principal (Adams: 
column 6 lines 49-57); evaluating a contract to acquire a credential for the first principal 
(Adams: column 6 lines 57-61); and transmitting the credential to the first principal for use in 
interacting with the second principal (Adams: column 6 lines 62-65), wherein the credential 
includes authentication information, aggregated attributes and aggregated policies for use by the 
first principal in interacting with the second principal (Adams: column 6 line 65 - column 7 line
5). 



Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

7. Claims 1-4, 6, 9-30 are rejected under 35 U.S.C. 102(e) as being anticipated by Wood et 
al. U.S. Pub. No. 20040210771 (hereinafter Wood). 

8. As per claim 1, Wood discloses a method for authenticating a principal, comprising:
receiving an access request from a first principal for access to a second principal (Wood: [0036]: 
receive request from entity); evaluating a contract to acquire a credential for the first principal 
(Wood: [0036]: authenticate the entity; [0044]: session token is provided to requesting entity); 
and transmitting the credential to the first principal for use in interacting with the second 
principal (Wood: [0047]: the session token allows the requesting entity to interact with the 
resources), wherein the credential includes authentication information, aggregated attributes and 
aggregated policies for use by the first principal in interacting with the second principal (Wood: 
[0046]). 

9. As per claim 2, Wood discloses the method of claim 1. Wood further discloses
determining if the first principal is authenticated based on the contract and if the first principal is 
not authenticated establishing an authentication session with the first principal to properly 
authenticate the first principal based on the contract (Wood: [0047]: establish session if not 
already established by authenticating the user). 

10. As per claim 3, Wood discloses the method of claim 1. Wood further discloses receiving 
an additional access request from the first principal for access to a third principal (Wood: [0075]: 
another service); evaluating a new contract to acquire a second credential for the first principal 
(Wood: [0075]: additional authentication is required); and transmitting the second credential to 
the first principal for use in interacting with the third principal (Wood: [0075]: updated session 
credential is provided). 

11. As per claim 4, Wood discloses the method of claim 1. Wood further discloses removing
the contract or revoking the credential when an expiring event is detected during a session with
the first principal ([0046]). 

12. As per claim 6, Wood discloses the method of claim 1. Wood further discloses receiving
a modification to the contract from the principal (Wood: [0010]); determining if the modification 
is permissible according to the contract; updating the contract if the modification is permissible 
(Wood: [0010]); deriving a modified credential from the contract; and transmitting the modified 
credential to the first principal for use in interacting with the second principal (Wood: [0039]). 

13. As per claim 9, Wood discloses a method for authenticating a principal, comprising:
receiving first requests from a first principal to interact with one or more different principals 
(Wood: [0036]: receive request from entity); acquiring first contracts for the first principal, 
wherein each first contract is associated with a different one of the one or more different 
principals (Wood: [0036]: authenticate the entity; [0044]: session token is provided to requesting 
entity; [0048]: check required trust level); acquiring a second contract for each of the one or 
more different principals (Wood: [0039]); selectively assembling and transmitting first 
credentials for the first requests for use by the first principal in interacting with the one or more 
different principals (Wood: [0045]: new session token); and selectively assembling and 
transmitting second credentials for other requests associated with and used by the one or more 
different principals when interacting with the first principal or when interacting with different 
ones of the one or more different principals (Wood: [0057]). 

14. As per claim 10, Wood discloses the method of claim 9. Wood further discloses receiving 
modifications to one or more of the first contracts from the first principal or from one or more of 
the one or more different principals; selectively assembling and transmitting modified first 
credentials to the first principal based on the modifications (Wood: [0010]). 

15. As per claim 11, Wood discloses the method of claim 9. Wood further discloses
receiving modifications to one or more of the second contracts from the first principal or from 
the one or more of the one or more different principals; selectively assembling and transmitting 
modified second credentials to the one or more different principals affected by the modifications
(Wood: [0010]). 

16. As per claim 12, Wood discloses the method of claim 9. Wood further discloses detecting 
an event that renders one or more of the first or second contracts stale; and revoking one or more 
of the first or second credentials which are affected by the event (Wood: [0092]: credential 
revoked). 

17. As per claim 13, Wood discloses the method of claim 9. Wood further discloses wherein 
the selectively assembling of the first and second credentials further includes: acquiring 
appropriate authentication certificates for each of the first and second credentials; and acquiring 
aggregated attribute information and aggregated policies for each of the authentication 
certificates (Wood: [0010]). 

18. As per claim 14, Wood discloses the method of claim 13. Wood further discloses 
expressing the authentication certificates within the first and second credentials as assertions 
(Wood: [0010]). 

19. As per claims 15-30, claims 15-30 encompass the same scope as claims 1-4, 6, 9-14.
Therefore, claims 15-30 are rejected based on the same reasons set forth above in rejecting 
claims 1-4, 6 and 9-14. 



Application/Control Number: 10/765,523

Art Unit: 2131 

Claim Rejections - 35 USC § 103 

20. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

21. Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Wood in view of
Bricknell et al. U.S. Pub. No. 20030061144 (hereinafter Bricknell).

22. As per claim 5, Wood discloses the method of claim 1. Wood does not explicitly disclose 
receiving a new request from a third principal, wherein the new request desires attribute 
information associated with the first principal; acquiring a new contract for the third principal; 
evaluating the new contract to acquire a new credential for the third principal; and transmitting 
the new credential to the third principal for use in authenticating and interacting with the first 
principal to acquire the attribute information. However, Bricknell discloses a third party wishing 
to obtain a user's attribute information is subject to access control by the verification service 
(Bricknell: [0028] and [0035]: determine the policy and grant attribute information to third 
entity). It would have been obvious to one having ordinary skill in the art to control the user's 
attribute information to service providers/resources because any authentication service can 
provide two side authentication services. Therefore, it would have been obvious to one having 
ordinary skill in the art at the time of applicant's invention to combine the teachings of Bricknell 
within the system of Wood because it prevents user's attribute information from being obtained by
hackers/malicious users. 

Conclusion

23. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Adams U.S. Pat. No. 6718470 discloses system for granting security privilege in a 
communication system. 

Blakeley, III et al. U.S. Pub. No. 20040128378 discloses method for user-determined 
attribute storage in a federated environment. 

Liddle U.S. Pub. No. 20040187031 discloses trust management. 

He et al. U.S. Pat. No. 6088451 discloses security system for network element access. 

Lortz U.S. Pat. No. 6957261 discloses resource policy management using a centralized 
policy data structure. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (571) 272-3789. The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 